The greatest problem of communication is the illusion that it has been accomplished.
George Bernard Shaw
Risk messaging is the fourth step in the ERM process cycle. In this chapter, we will discuss two types of risk messaging: internal risk messaging and external risk messaging.
Internal Risk Messaging
Internal risk messaging refers to incorporating ERM information into performance measurement and management.
There are two aspects of internal risk messaging:
1. Integrating ERM into business performance analysis
2. Integrating ERM into incentive compensation
Embedding ERM information into business performance analysis and incentive compensation signals all levels of management that there is a strong commitment to the ERM program. Effective internal risk messaging is necessary to drive the appropriate ERM activities in the risk identification, risk quantification, and risk decision making ERM process steps. If internal risk messaging is ineffective or nonexistent, management realizes that they themselves are being measured on the same basis that pre-dated ERM; as a result management begins to minimize ERM efforts or ignore them altogether.
Internal risk messaging—integrating ERM into performance measurement and management—along with integrating ERM into decision making (discussed in Chapter 6), constitute what we are defining as risk culture.
Integrating ERM into Business Performance Analysis
We will discuss how ERM enhances two traditional methods for ...